The SR-IOV option supported_pci_vendor_devs has been deprecated in Newton
and This change removes it from Ocata.
Change-Id: I42dadfd0b62730ca2d34d37cb63f19f6fec75567
Extract all the common utils from common_db_mixin.py in preparation
for moving them to neutron-lib.
This is a preliminary step in preparation for refactoring the
CommonDbMixin class and moving it to neutron-lib also.
Partial Blueprint: neutron-lib
Change-Id: I3cba375a8162cb68e8f988f22f5c8b1ce7915180
IPv6 utils is_enabled() doesn't actually determine if IPv6 is enabled on
the host. It checks if /proc/sys/net/ipv6/conf/default/disable_ipv6 is
present and is set to 0. This kernel configuration option controls if
the kernel will automatically assign IPv6 link-local addresses to newly
created network interfaces when their link state changes to up. The
existence of this /proc files does indicate that the Linux kernel has
the ipv6 module loaded or ipv6 was compiled in. Having this /proc file
set to zero does not indicate IPv6 is not available on the system, just
that newly created interfaces will inherit this configuration and will
not have IPv6 addresses bound to them unless the administrator changes
the interfaces specific /proc/sys/net/ipv6/conf/$IFACE/disable_ipv6
configuration.
This check was added to Neutron so it could operate with distributions
which didn't load the ipv6 kernel module, preventing errors when
attempting to make IPv6 specific configurations in the iptables firewall
driver and the L3 agent. Removing it would break existing deployments.
Renaming this function to provide clarity for complex conditions tested
by this function. In fact it is a good security practice to set this
default disable_ipv6 option to 1, and explicitly enable IPv6 by setting
disable_ipv6=0 on individual interfaces which the administrator intends
to bind IPv6 addresses on. This establishes parity with IPv4 behavior
where interfaces are not active in an address family until the
administrator explicitly configures them to be active in that address
family. This practice does not currently work as expected with the
Neutron, since setting /proc/sys/net/ipv6/conf/default/disable_ipv6 to 1
unexpectedly disables creating IPv6 security group rules leaving
instances completely exposed via IPv6 regardless of security group
rules.
Change-Id: I844b992240a5db642766ec9c04e3b5fcab8e2e23
Refactoring neutron cache_utils config opts to be in neutron/conf so that all
the configuration options for cache_utils reside in a centralized location.
This simplifies the process of looking up the cache_utils config opts and
provides an easy way to import.
Change-Id: I722a2fa7d72c62e6d878d0137f899d09a9ad64ae
Partial-Bug: #1563069
This patch introduces and integrates OVO for SegmentHostMapping.
Change-Id: I99598cf6fa4aefe7d3faee5cb0867d8ea1fff5c2
Partially-Implements: blueprint adopt-oslo-versioned-objects-for-db
If a bulk create happened with a single item, the pecan code would
return back to the user the singular version of the resource in the
body. For example, to bulk create many security group rules, the user
would give in the body of the request the json with a parent key of
"security-group-rules" with a value of a list of json security group
rules. If this list is of length one, then after the creation of the
one security group rule, the API would return back to the client
"security-group-rule" as the parent key. This is not how the legacy
wsgi layer behaved. The behavior is expected when nova creates security
group rules by calling the neutron API through its deprecated security
groups API.
Change-Id: I8757630403e4d486cd3c8dd6f041e9ee326ba3b4
Closes-Bug: #1633671
We are replacing all usages of the 'retrying' package with
'tenacity' as the author of retrying is not actively maintaining
the project. Tenacity is a fork of retrying, but has improved the
interface and extensibility (see [1] for more details). Our end
goal here is removing the retrying package from our requirements.
Tenacity provides the same functionality as retrying, but has the
following major differences to account for:
- Tenacity uses seconds rather than ms as retrying did.
- Tenacity has different kwargs for the decorator and
Retrying class itself.
- Tenacity has a different approach for retrying args by
using classes for its stop/wait/retry kwargs.
- By default tenacity raises a RetryError if a retried callable
times out; retrying raises the last exception from the callable.
Tenacity provides backwards compatibility here by offering
the 'reraise' kwarg.
- Tenacity defines 'time.sleep' as a default value for a kwarg.
That said consumers who need to mock patch time.sleep
need to account for this via mocking of time.sleep before
tenacity is imported.
- For retries that check a result, tenacity will raise if the retried
function raises, whereas retrying retried on all exceptions.
This patch updates all usages of retrying with tenacity.
Unit tests will be included where applicable.
Note: This change is not newton critical so projects are welcome
to hold off on committing until post-newton. Ideally this change
will merge by the first part of Ocata so dependant functionality
can land and have time to solidify for Ocata.
[1] https://github.com/jd/tenacity
Closes-Bug: #1635395
Change-Id: I1c0620894d07d58efbba5226b5244fec950354ca
Add functional tests for the class:
neutron.agent.ovsdb.native.connection.Connection
Change-Id: I92ab574f04efb5e09802fc1d97c2a5715b4ae48d
Related-Bug: 1612403
Co-Authored-By: Terry Wilson <twilson@redhat.com>